Code Review Request: TLS 1.3 Implementation

Xuelei Fan xuelei.fan at oracle.com
Fri Jun 15 14:56:53 UTC 2018 

SSLExtension.java
-----------------
The "supported_versions" can be used in TLS 1.2 ClientHello, per the 
specification:

    Implementations of TLS 1.3 which choose to support prior
    versions of TLS SHOULD support TLS 1.2.  Servers MUST be prepared to
    receive ClientHellos that include this extension but do not include
    0x0304 in the list of versions.

Although, the extension cannot be use in ServerHello for TLS 1.2 and 
prior versions:

    A server which negotiates a version of TLS prior to TLS 1.3 MUST set
    ServerHello.version and MUST NOT send the "supported_versions"
    extension.

Xuelei

On 6/8/2018 10:21 AM, Xuelei Fan wrote:
> Here is the 3rd full webrev:
>     http://cr.openjdk.java.net/~xuelei/8196584/webrev-full.02
> 
> and the delta update to the 1st webrev:
>     http://cr.openjdk.java.net/~xuelei/8196584/webrev-delta.01
> 
> Xuelei
> 
> On 6/3/2018 9:43 PM, Xuelei Fan wrote:
>> Hi,
>>
>> Here it the 2nd full webrev:
>>    http://cr.openjdk.java.net/~xuelei/8196584/webrev-full.01
>>
>> and the delta update to the 1st webrev:
>>    http://cr.openjdk.java.net/~xuelei/8196584/webrev-delta.00/
>>
>> Xuelei
>>
>> On 5/25/2018 4:45 PM, Xuelei Fan wrote:
>>> Hi,
>>>
>>> I'd like to invite you to review the TLS 1.3 implementation.  I 
>>> appreciate it if I could have compatibility and specification 
>>> feedback before May 31, 2018, and implementation feedback before June 
>>> 7, 2018.
>>>
>>> Here is the webrev:
>>>      http://cr.openjdk.java.net/~xuelei/8196584/webrev-full.00
>>>
>>> The formal TLS 1.3 specification is not finalized yet, although it 
>>> had been approved to be a standard.  The implementation is basedon 
>>> the draft version 28:
>>>      https://tools.ietf.org/html/draft-ietf-tls-tls13-28
>>>
>>> For the overall description of this enhancement, please refer to JEP 
>>> 332:
>>>      http://openjdk.java.net/jeps/332
>>>
>>> For the compatibility and specification update, please refer to CSR 
>>> 8202625:
>>>      https://bugs.openjdk.java.net/browse/JDK-8202625
>>>
>>> Note that we are using the sandbox for the development right now.  
>>> For more information, please refer to Bradford's previous email:
>>>
>>> http://mail.openjdk.java.net/pipermail/security-dev/2018-May/017139.html
>>>
>>> Thanks & Regards,
>>> Xuelei

More information about the security-dev mailing list